The World Privacy Forum submitted comments today to the National Institute of Standards and Technology in response to its publication, Draft Report on De-Identification of Personally Identifiable Information (NISTIR 8053). The WPF welcomes the draft NIST report, as the area of de-identification and re-identification of personal data swirls with controversy and confusion. We see considerable value
The World Privacy Forum filed comments with the U.S. Department of Commerce in response to its Request for Comments about big data, privacy, and the Consumer Privacy Bill of Rights. The White House Big Data report recognized that Big Data “raises considerable questions about how our framework for privacy protection applies in a big data ecosystem” and has the potential to “eclipse longstanding civil rights protections in how personal information is used in housing, credit, employment, health, education, and the marketplace.” This is among our concerns as well, and our comments focused on understanding big data’s benefits while drawing attention to where there are significant privacy risks that need to be addressed.
It is important to use SSL, or encrypted connections when you use web-based email. Yahoo does not automatically set SSL or secure mail connections by default. You have to set it manually until January 2014. These tips walk you through how to set Yahoo Mail to use secure connections.
How unique are you? We played with a data privacy tool today here at WPF that showed us if the combination of our birthdate and zip code made us statistically unique. The more unique you are, the more identifiable you are in a sea of supposedly “anonymous” data. This tool was developed by Dr. LaTanya Sweeney at Harvard’s Data Privacy Lab, and using it will tell you how easily you can be identified from records that may not even have your name on them.
Genetic Privacy | Bioethics — WPF filed comments with the Presidential Commission for the Study of Bioethics today urging the Commission to recognize the need for enhanced genetic privacy protections in a digital world. WPF noted that “The increasing identifiability of genetic data presents major privacy issues for research activities that must be acknowledged and addressed.” WPF suggested four key ways that Certificate of Confidentiality programs could be enhanced for privacy protection, and urged the Commission to speak out about the importance of protecting patient privacy in research activities involving genetic information. “The Commission should advocate providing patients with reasonable controls over research uses of their data as electronic records develop and spread throughout the health care system.” Public comments may be submitted to the Commission until May 25, 2012.